Subtitles and Transcript

Mikko Hypponen

0:16
In the 1980sin the communist Eastern Germany,if you owned a typewriter,you had to register it with the government.You had to registera sample sheet of textout of the typewriter.And this was doneso the government could track where text was coming from.If they found a paperwhich had the wrong kind of thought,they could track downwho created that thought.And we in the Westcouldn't understand how anybody could do this,how much this would restrict freedom of speech.We would never do thatin our own countries.

1:03
But today in 2011,if you go and buy a color laser printerfrom any major laser printer manufacturerand print a page,that page will end uphaving slight yellow dotsprinted on every single pagein a pattern which makes the page uniqueto you and to your printer.This is happeningto us today.And nobody seems to be making a fuss about it.And this is an exampleof the waysthat our own governmentsare using technologyagainst us, the citizens.And this is one of the main three sourcesof online problems today.

1:57
If we take a look at what's really happening in the online world,we can group the attacks based on the attackers.We have three main groups.We have online criminals.Like here, we have Mr. Dimitry Golubovfrom the city of Kiev in Ukraine.And the motives of online criminalsare very easy to understand.These guys make money.They use online attacksto make lots of money,and lots and lots of it.We actually have several casesof millionaires online, multimillionaires,who made money with their attacks.Here's Vladimir Tsastsin form Tartu in Estonia.This is Alfred Gonzalez.This is Stephen Watt.This is Bjorn Sundin.This is Matthew Anderson, Tariq Al-Daourand so on and so on.

2:45
These guysmake their fortunes online,but they make it through the illegal meansof using things like banking trojansto steal money from our bank accountswhile we do online banking,or with keyloggersto collect our credit card informationwhile we are doing online shopping from an infected computer.The U.S. Secret Service,two months ago,froze the Swiss bank accountof Mr. Sam Jain right here,and that bank account had 14.9 million U.S. dollars on itwhen it was frozen.Mr. Jain himself is on the loose;nobody knows where he is.And I claim it's already todaythat it's more likely for any of usto become the victim of a crime onlinethan here in the real world.And it's very obviousthat this is only going to get worse.In the future, the majority of crimewill be happening online.

3:46
The second major group of attackersthat we are watching todayare not motivated by money.They're motivated by something else --motivated by protests,motivated by an opinion,motivated by the laughs.Groups like Anonymoushave risen up over the last 12 monthsand have become a major playerin the field of online attacks.

4:11
So those are the three main attackers:criminals who do it for the money,hacktivists like Anonymousdoing it for the protest,but then the last group are nation states,governments doing the attacks.And then we look at caseslike what happened in DigiNotar.This is a prime example of what happenswhen governments attackagainst their own citizens.DigiNotar is a Certificate Authorityfrom The Netherlands --or actually, it was.It was running into bankruptcylast fallbecause they were hacked into.Somebody broke inand they hacked it thoroughly.And I asked last weekin a meeting with Dutch government representatives,I asked one of the leaders of the teamwhether he found plausiblethat people diedbecause of the DigiNotar hack.And his answer was yes.

5:21
So how do people dieas the result of a hack like this?Well DigiNotar is a C.A.They sell certificates.What do you do with certificates?Well you need a certificateif you have a website that has https,SSL encrypted services,services like Gmail.Now we all, or a big part of us,use Gmail or one of their competitors,but these services are especially popularin totalitarian stateslike Iran,where dissidentsuse foreign services like Gmailbecause they know they are more trustworthy than the local servicesand they are encrypted over SSL connections,so the local government can't snoopon their discussions.Except they can if they hack into a foreign C.A.and issue rogue certificates.And this is exactly what happenedwith the case of DigiNotar.

6:20
What about Arab Springand things that have been happening, for example, in Egypt?Well in Egypt,the rioters looted the headquartersof the Egyptian secret policein April 2011,and when they were looting the building they found lots of papers.Among those papers,was this binder entitled "FINFISHER."And within that binder were notesfrom a company based in Germanywhich had sold the Egyptian governmenta set of toolsfor intercepting --and in very large scale --all the communication of the citizens of the country.They had sold this toolfor 280,000 Euros to the Egyptian government.The company headquarters are right here.

7:04
So Western governmentsare providing totalitarian governments with toolsto do this against their own citizens.But Western governments are doing it to themselves as well.For example, in Germany,just a couple of weeks agothe so-called State Trojan was found,which was a trojanused by German government officialsto investigate their own citizens.If you are a suspect in a criminal case,well it's pretty obvious, your phone will be tapped.But today, it goes beyond that.They will tap your Internet connection.They will even use tools like State Trojanto infect your computer with a trojan,which enables themto watch all your communication,to listen to your online discussions,to collect your passwords.

7:57
Now when we think deeperabout things like these,the obvious response from people should bethat, "Okay, that sounds bad,but that doesn't really affect me because I'm a legal citizen.Why should I worry?Because I have nothing to hide."And this is an argument,which doesn't make sense.Privacy is implied.Privacy is not up for discussion.This is not a questionbetween privacyagainst security.It's a question of freedomagainst control.And while we might trust our governmentsright now, right here in 2011,any right we give away will be given away for good.And do we trust, do we blindly trust,any future government,a government we might have50 years from now?And these are the questionsthat we have to worry about for the next 50 years.